Oddly enough considering the Windows security holes discovered routinely, another place to go for Java developers to learn how to secure their applications is Microsoft's SDL (Security Development Life Cycle) practice. This effort covers training, requirements, design, implementation, release, and response. Free tools are available as well. "The SDL process is not specific to Microsoft or the Windows platform and can be applied to different operating systems, platforms, development methodologies, and projects of any size," a Microsoft representative notes.

There's probably no way for Java developers to prevent all intrusions taking advantage of Java -- determined intruders will find a way in. And some problems will still require Oracle's attention, despite developers' best efforts. But it is not a bad idea for Java developers to avail themselves to all resources available to try to make security less of an issue.